| 1 | #!/usr/bin/env sh |
|---|
| 2 | # |
|---|
| 3 | # This demonstrates scalability of libabac. |
|---|
| 4 | # 10 principal/attribute credentials with couple |
|---|
| 5 | # of linked roles attributes are added, |
|---|
| 6 | # 2 sets of #VAL# attribute credentials along |
|---|
| 7 | # with #VAL# different principal ids are added. |
|---|
| 8 | # number of credentials, 9 + 4 x #VAL# |
|---|
| 9 | # |
|---|
| 10 | |
|---|
| 11 | rm -rf *.pem *.xml |
|---|
| 12 | if [ -z "${TESTDIR}" ] ; then |
|---|
| 13 | TESTDIR=../../../.. |
|---|
| 14 | fi |
|---|
| 15 | . ${TESTDIR}/test_util.sh |
|---|
| 16 | |
|---|
| 17 | $eloc/creddy --generate --cn District |
|---|
| 18 | $eloc/creddy --generate --cn Huntington |
|---|
| 19 | $eloc/creddy --generate --cn Alice |
|---|
| 20 | $eloc/creddy --generate --cn Ralphs |
|---|
| 21 | |
|---|
| 22 | $eloc/creddy --generate --cn Apple |
|---|
| 23 | $eloc/creddy --generate --cn Orange |
|---|
| 24 | $eloc/creddy --generate --cn Banana |
|---|
| 25 | $eloc/creddy --generate --cn Computer |
|---|
| 26 | |
|---|
| 27 | # [keyid:District].role:buys |
|---|
| 28 | # <- [keyid:District].role:employee.role:buys |
|---|
| 29 | $eloc/creddy --attribute \ |
|---|
| 30 | --issuer District_ID.pem --key District_private.pem --role "buys" \ |
|---|
| 31 | --subject-cert District_ID.pem --subject-role employee.buys \ |
|---|
| 32 | --out district_buys__district_employee_buys_attr.xml |
|---|
| 33 | |
|---|
| 34 | # [keyid:District].role:employee |
|---|
| 35 | # <- [keyid:District].role:school.role:admin |
|---|
| 36 | $eloc/creddy --attribute \ |
|---|
| 37 | --issuer District_ID.pem --key District_private.pem --role "employee" \ |
|---|
| 38 | --subject-cert District_ID.pem --subject-role school.admin \ |
|---|
| 39 | --out district_employee__district_school_admin_attr.xml |
|---|
| 40 | |
|---|
| 41 | # [keyid:District].role:school <- [keyid:Huntington] |
|---|
| 42 | $eloc/creddy --attribute \ |
|---|
| 43 | --issuer District_ID.pem --key District_private.pem --role "school" \ |
|---|
| 44 | --subject-cert Huntington_ID.pem \ |
|---|
| 45 | --out district_school__huntington_attr.xml |
|---|
| 46 | |
|---|
| 47 | # [keyid:Huntington].role:admin <- [keyid:Alice] |
|---|
| 48 | $eloc/creddy --attribute \ |
|---|
| 49 | --issuer Huntington_ID.pem --key Huntington_private.pem --role "admin" \ |
|---|
| 50 | --subject-cert Alice_ID.pem \ |
|---|
| 51 | --out huntington_admin__alice_attr.xml |
|---|
| 52 | |
|---|
| 53 | # [keyid:Alice].role:buys <- [keyid:Apple] |
|---|
| 54 | $eloc/creddy --attribute \ |
|---|
| 55 | --issuer Alice_ID.pem --key Alice_private.pem --role "buys" \ |
|---|
| 56 | --subject-cert Apple_ID.pem \ |
|---|
| 57 | --out alice_buys__apple_attr.xml |
|---|
| 58 | |
|---|
| 59 | # [keyid:Alice].role:buys <- [keyid:Orange] |
|---|
| 60 | $eloc/creddy --attribute \ |
|---|
| 61 | --issuer Alice_ID.pem --key Alice_private.pem --role "buys" \ |
|---|
| 62 | --subject-cert Orange_ID.pem \ |
|---|
| 63 | --out alice_buys__orange_attr.xml |
|---|
| 64 | |
|---|
| 65 | # [keyid:Alice].role:buys <- [keyid:Banana] |
|---|
| 66 | $eloc/creddy --attribute \ |
|---|
| 67 | --issuer Alice_ID.pem --key Alice_private.pem --role "buys" \ |
|---|
| 68 | --subject-cert Banana_ID.pem \ |
|---|
| 69 | --out alice_buys__banana_attr.xml |
|---|
| 70 | |
|---|
| 71 | |
|---|
| 72 | # [keyid:Ralphs].role:order |
|---|
| 73 | # <- [keyid:Ralphs].role:eduPartner.role:buys |
|---|
| 74 | $eloc/creddy --attribute \ |
|---|
| 75 | --issuer Ralphs_ID.pem --key Ralphs_private.pem --role "order" \ |
|---|
| 76 | --subject-cert Ralphs_ID.pem --subject-role "eduPartner.buys" \ |
|---|
| 77 | --out ralphs_order__ralphs_eduPartner_buys_attr.xml |
|---|
| 78 | |
|---|
| 79 | # [keyid:Ralphs].role:eduPartner <- [keyid:District] |
|---|
| 80 | $eloc/creddy --attribute \ |
|---|
| 81 | --issuer Ralphs_ID.pem --key Ralphs_private.pem --role "eduPartner" \ |
|---|
| 82 | --subject-cert District_ID.pem \ |
|---|
| 83 | --out ralphs_eduPartner__district_attr.xml |
|---|
| 84 | |
|---|
| 85 | |
|---|
| 86 | ############### NOISE ####################################### |
|---|
| 87 | # [keyid:Ralphs].role:eduPartner <- [keyid:DistrictX] |
|---|
| 88 | for i in $(seq 1 #VAL#); |
|---|
| 89 | do |
|---|
| 90 | district="District$i" |
|---|
| 91 | $eloc/creddy --generate --cn $district |
|---|
| 92 | fstr="ralphs_eduPartner__${district}_attr.xml" |
|---|
| 93 | $eloc/creddy --attribute \ |
|---|
| 94 | --issuer Ralphs_ID.pem --key Ralphs_private.pem \ |
|---|
| 95 | --role "eduPartner" \ |
|---|
| 96 | --subject-cert ${district}_ID.pem \ |
|---|
| 97 | --out $fstr |
|---|
| 98 | done |
|---|
| 99 | |
|---|
| 100 | # [keyid:Huntington].role:admin <- [keyid:BobX] |
|---|
| 101 | for i in $(seq 1 #VAL#); |
|---|
| 102 | do |
|---|
| 103 | bob="Bob$i" |
|---|
| 104 | $eloc/creddy --generate --cn $bob |
|---|
| 105 | fstr="huntington_admin__${bob}_attr.xml" |
|---|
| 106 | $eloc/creddy --attribute \ |
|---|
| 107 | --issuer Huntington_ID.pem --key Huntington_private.pem \ |
|---|
| 108 | --role "admin" \ |
|---|
| 109 | --subject-cert ${bob}_ID.pem \ |
|---|
| 110 | --out $fstr |
|---|
| 111 | done |
|---|
